#dvn Meeting

Meeting summary

1. intro (pdurbin, 19:01:49)
   
2. summarizing how authentication works in a Dataverse Network today (pdurbin, 19:05:40)
   
3. reaching a common understanding of what Shibboleth is (pdurbin, 19:11:03)
   1. http://shibboleth.net/about/basic.html has more about the main "actors" in Shibboleth. I want to focus on the Identity Provider (IdP) vs. the Service Provider (SP) (pdurbin, 19:11:35)
   2. https://github.com/dvn/shibpoc contains all the configuration for how I set up dvn-vm2 (pdurbin, 19:17:23)
   3. https://dvn-vm2.hmdc.harvard.edu/secure/ example show protecting files from download (pdurbin, 19:28:34)
   
   
4. roughing out a plan for how to integrate Shibboleth into the DVN (pdurbin, 19:28:57)
   1. option 1: fronting Glassfish with Apache (pdurbin, 20:02:55)
   2. option 2: OpenAM (pdurbin, 20:03:50)
   3. option 3: write our own Service Provider (SP) with OpenSAML (pdurbin, 20:09:24)
   4. AGREED: use testshib.org first, then Harvard's test IdP when available (pdurbin, 20:22:22)
   5. ACTION: pdurbin to add basic, non-shib auth to iqss-javaee-template and later OpenAM for testing with testshib.org (pdurbin, 20:24:32)
   
   
5. discussing implications of Shibboleth integration (pdurbin, 20:26:21)
   1. IDEA: make sure we can support multiple IdPs (pdurbin, 20:27:07)
   2. shib-enabled DVNs will probably still need local login as well (pdurbin, 20:27:43)
   3. http://irclog.iq.harvard.edu/dvn/2013-02-13#i_855 discussion of local login and other implications of enabling Shibboleth in a DVN (pdurbin, 20:29:03)

Action items

1. pdurbin to add basic, non-shib auth to iqss-javaee-template and later OpenAM for testing with testshib.org

Action items, by person

1. pdurbin
   1. pdurbin to add basic, non-shib auth to iqss-javaee-template and later OpenAM for testing with testshib.org

People present (lines said)

1. pdurbin (159)
2. marlena (49)
3. sbmarks (13)
4. bobtreacy (7)
5. gdurand (6)
6. zodbot (2)